Software Development Security Sample Clauses

Software Development Security. Customer Success Box adopts secure software development practices including stringent change management processes, software code reviews and testing.
Sample 1Sample 2Sample 3
AutoNDA by SimpleDocs
Software Development Security. In the event that Consultant conducts application software development for Board, Consultant shall: (a) either make source codes available for review by Board or shall conduct source code scanning using a commercial security tool; (b) cause scans to be conducted annually and at any time significant code changes are made; (c) make scan reports available to Board within two (2) weeks of execution; (d) disclose remediation timelines for high, medium and low risk security code defects; and (e) perform scans before code is implemented in production. Consultant hereby agrees that high risk security code defects may not be implemented in production without written approval from either Board Executive Director or a Deputy Executive Director.
Sample 1Sample 2
Software Development Security. In the event that Broker conducts application software development for PSERS, Broker shall: (a) either make source codes available for review by PSERS or shall conduct source code scanning using a commercial security tool; (b) cause scans to be conducted annually and at any time significant code changes are made; (c) make scan reports available to PSERS within two (2) weeks of execution; (d) disclose remediation timelines for high, medium and low risk security code defects; and (e) perform scans before code is implemented in production. Xxxxxx hereby agrees that high risk security code defects may not be implemented in production without written approval from either PSERS’ Executive Director or a Deputy Executive Director.
Sample 1
Software Development Security. 11.1 Supplier shall design and implement all its products and Services delivered to Sanoma properly taking into account relevant privacy, internet safety and security related requirements (e.g. privacy and security by design). This means in practice that for any new or changed functionality supplier shall conduct:  architectural/design threat analysis and for identified risks define which controls are to be implemented and which risks will be treated in some other jointly agreed way.  security and privacy assessment (e.g. internal/external audits or testing) for features that have been flagged as a risky area in threat analysis, or are a part of a security or privacy control. Architectural/design threat analysis should be based on data flow diagrams and cover at the minimum but not limited to  Identity and access management  Impacted user experience/business logic flows  Impacted personal data flows  Software dependencies (e.g. third party components, libraries)  Deployment architecture  Software development pipeline  Auditability (e.g. logging)  Service/Product lifecycle until retirement 11.2 Applications and programming interfaces (APIs) shall be designed, developed, deployed, and tested in accordance with leading industry standards (e.g. OWASP top 10 for web applications and OWASP ASVS for testing coverage) and adhere to applicable legal, statutory, or regulatory compliance obligations. 11.3 Supplier shall bring continuous visibility to Sanoma of the identified risks, threats and assessment results. 11.4 Sanoma or its designated security auditing partners may perform ad hoc testing and application security reviews of any service that is about to be deployed or that is currently operated by Supplier. Sanoma strives to inform the Supplier five (5) days in advance of such testing and reviews. Supplier shall immediately report any Critical Vulnerabilities (as defined below) or findings to Sanoma. Sanoma is responsible for the costs of the reviews and tests Sanoma or its designated security auditing partners conduct at Sanoma’s initiative However, should the testing or review reveal any violation or breach of this Appendix by Supplier, Supplier shall without delay compensate Sanoma for the costs arising from the audit and remedy the breach. Critical Vulnerability means a vulnerability scored as, or equivalent in severity to, a CVSS (Common Vulnerabilities and Scoring System, latest applicable version) base and/or temporal scores equal to or higher ...
Sample 1

Related to Software Development Security

  • Software Development Software designs, prototypes, and all documentation for the final designs developed under this agreement must be made fully transferable upon direction of NSF. NSF may make the software design, prototype, and documentation for the final design available to competitors for review during any anticipated re-competition of the project.

  • Software Products Save as otherwise set forth in the Agreement, the right to use any Software Product is personal to the Licensee, for its own internal use, and is non-transferable, except with the Licensor’s prior written consent, in which case the Licensee shall cause the assignee or sub-licensee to agree to the terms of this Software License.

  • Software and Documentation Licensee may make as many copies of the Software necessary for it to use the Software as licensed. Each copy of the Software made by Licensee must contain the same copyright and other notices that appear on the original copy. Licensee will not modify the Documentation. Documentation may: (a) only be used to support Licensee’s use of the Software; (b) not be republished or redistributed to any unauthorized third party; and (c) not be distributed or used to conduct training for which Licensee, or any other party, receives a fee. Licensee will not copy any system schema reference document related to the Software.

  • Licensed Software Computer program(s) provided by Contractor in connection with the Deliverables, subject to Section 14 of this Contract.

  • Technology Research Analyst Job# 1810 General Characteristics

  • Antivirus software All workstations, laptops and other systems that process and/or store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have installed and actively use comprehensive anti-virus software solution with automatic updates scheduled at least daily.

  • SOFTWARE LICENSE GRANT Where Product is acquired on a licensed basis the following shall constitute the license grant:

  • Software License Terms (a) Software that is made available by a Provider to Recipient in connection with any Service (any such Software being referred to herein as “TSA-Licensed Software”) provided hereunder will be subject to the terms set forth in this Section 3.5 except as otherwise provided in the applicable Service Schedule. The Provider hereby grants to the Recipient a non-exclusive, non-transferable license to use, in object code form, any TSA-Licensed Software that is made available by the Provider pursuant to a Service Schedule. For the avoidance of doubt, the Provider that makes available any TSA-Licensed Software in connection with the provision of any Service retains the unrestricted right to enhance or otherwise modify such TSA-Licensed Software at any time, provided that such enhancements or other modifications do not disrupt the provision of such Service to the Recipient. (b) The Recipient may not exceed the number of licenses, agents, tiers, nodes, seats, or other use restrictions or authorizations, if any, specified in the applicable Service Schedule. Some TSA-Licensed Software may require license keys or contain other technical protection measures. The Recipient acknowledges that the Provider may monitor the Recipient’s compliance with use restrictions and authorizations remotely, or otherwise. If the Provider makes a license management program available which records and reports license usage information, the Recipient agrees to appropriately install, configure and execute such license management program. (c) Unless otherwise permitted by the Provider, the Recipient may only make copies or adaptations of the TSA-Licensed Software for archival purposes or when copying or adaptation is an essential step in the authorized use of TSA-Licensed Software. If the Recipient makes a copy for backup purposes and installs such copy on a backup device, the Recipient may not operate such backup installation of the TSA-Licensed Software without paying an additional license fee, except in cases where the original device becomes inoperable. If a copy is activated on a backup device in response to failure of the original device, the use on the backup device must be discontinued when the original or replacement device becomes operable. The Recipient may not copy the TSA-Licensed Software onto or otherwise use or make it available on, to, or through any public or external distributed network. Licenses that allow use over the Recipient’s intranet require restricted access by authorized users only. (d) The Recipient must reproduce all copyright notices that appear in or on the TSA-Licensed Software (including documentation) on all permitted copies or adaptations. Copies of documentation are limited to internal use. (e) Notwithstanding anything to the contrary herein, certain TSA-Licensed Software may be licensed under the applicable Service Schedule for use only on a computer system owned, controlled, or operated by or solely on behalf of the Recipient and may be further identified by the Provider by the combination of a unique number and a specific system type (“Designated System”) and such license will terminate in the event of a change in either the system number or system type, an unauthorized relocation, or if the Designated System ceases to be within the possession or control of the Recipient. (f) The Recipient will not modify, reverse engineer, disassemble, decrypt, decompile, or make derivative works of the TSA-Licensed Software. Where the Recipient has other rights mandated under statute, the Recipient will provide the Provider with reasonably detailed information regarding any intended modifications, reverse engineering, disassembly, decryption, or decompilation and the purposes therefor. (g) The Recipient may permit a consultant or subcontractor to use TSA-Licensed Software at the licensed location for the sole purpose of providing services to the Recipient. (h) Upon expiration or termination of the Service Schedule under which TSA-Licensed Software is made available, the Recipient will destroy the TSA-Licensed Software. The Recipient will remove and destroy or return to the Provider any copies of the TSA-Licensed Software that are merged into adaptations, except for individual pieces of data in the Recipient’s database. The Recipient will provide certification of the destruction of TSA-Licensed Software, and copies thereof, to the Provider. The Recipient may retain one copy of the TSA-Licensed Software subsequent to expiration or termination solely for archival purposes. (i) The Recipient may not sublicense, assign, transfer, rent, or lease the TSA-Licensed Software to any other person except as permitted in this Section 3.5. (j) The Recipient agrees that the Provider may engage a third party designated by the Provider and approved by the Recipient (such approval not to be unreasonably withheld) to audit the Recipient’s compliance with the Software License terms. Any such audit will be at the Provider’s expense, require reasonable notice, and will be performed during normal business hours. Such third party will be required to execute a non-disclosure agreement that restricts such third party from disclosing confidential information of the Recipient to the Provider, except to the extent required to report on the extent to which the Recipient is not in compliance with the Software License terms.

  • Technical Interfaces 3.2.6.1 The Interconnection facilities provided by each Party shall be formatted using either Alternate Xxxx Inversion (AMI) line code with Superframe format framing or Bipolar 8-Zero Substitution with Extended Superframe (B8ZS ESF) format framing or any mutually agreeable line coding and framing.

  • COMMERCIAL COMPUTER SOFTWARE If performance involves acquisition of existing computer software, the following Company Exhibit is incorporated by reference: CCS Commercial Computer Software License (Company – July 2010).

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!